package com.syc.springsecuritydemo1.controller;

import org.springframework.security.access.annotation.Secured;
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.RequestMapping;

@Controller
public class LoginController {
    @RequestMapping("/login")
    public String login(){
        return "login";
    }
    
    //@Secured("ROLE_admin") //必须以ROLE_下划线开头(hasRole('admin')里可以不加)，区分大小写。没有权限会报500
    //@PreAuthorize("hasAnyAuthority('admin')")
    @PreAuthorize("hasRole('admin')")
    @RequestMapping("/toIndex")
    public String index(){
        return "redirect:index1.html";
    }
    @RequestMapping("/toError")
    public String error(){
        return "redirect:error.html";
    }

    @RequestMapping("/admin")
    public String admin(){
        return "redirect:admin.html";
    }

    @RequestMapping("/demo")
    public String demo(){
        return "demo";
    }

}
